Zoek.exe v5.0.0.0 Updated 20-November-2014 Tool run by Steven on vr 21/11/2014 at 16:19:10,48. Microsoft Windows 7 Professional 6.1.7601 Service Pack 1 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\Steven\Desktop\zoek.exe [Scan all users] [Checkboxes used] ==== System Restore Info ====================== 21/11/2014 16:21:38 Zoek.exe System Restore Point Created Succesfully. ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-3828895511-1117663807-856057220-1002\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} deleted successfully HKEY_USERS\S-1-5-21-3828895511-1117663807-856057220-1002\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} deleted successfully HKEY_CLASSES_ROOT\CLSID\{ae07101b-46d4-4a98-af68-0333ea26e113} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{ae07101b-46d4-4a98-af68-0333ea26e113} deleted successfully ==== Deleting CLSID Registry Values ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{ae07101b-46d4-4a98-af68-0333ea26e113} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{ae07101b-46d4-4a98-af68-0333ea26e113} deleted successfully ==== Installed Programs ====================== Adobe AIR Adobe Bridge CC (64 Bit) Adobe Creative Cloud Adobe Creative Suite 6 Master Collection Adobe Flash Player 15 ActiveX Adobe Flash Player 15 Plugin Adobe Help Manager Adobe Illustrator CS6 Adobe InDesign CC Adobe Photoshop CS6 Adobe Reader XI (11.0.09) - Nederlands Adobe Shockwave Player 11.6 Adobe© Content Viewer Akamai NetSession Interface Alcor Micro Smart Card Reader Driver AMD Accelerated Video Transcoding AMD APP SDK Runtime AMD Catalyst Control Center AMD Catalyst Install Manager Apple Application Support Apple Mobile Device Support Apple Software Update Arc ArcSoft Webcam Sharing Manager Autodesk 3ds Max Design 2013 64-bit Autodesk 
Backburner 2013.0.0 Autodesk Civil View for 3ds Max Design 2013 Autodesk DirectConnect 2013 64-bit Autodesk Download Manager Autodesk Essential Skills Movies for 3ds Max Design 2013 64-bit Autodesk FBX Plug-in 2013.1 - 3ds Max Design 2013 64-bit Autodesk Inventor Server Engine for 3ds Max Design 2013 64-bit Autodesk Material Library 2013 Autodesk Material Library Base Resolution Image Library 2013 Autodesk Material Library Medium Resolution Image Library 2013 Autodesk Revit Interoperability for 3ds Max and 3ds Max Design 2013 64-bit Autodesk Showcase 2013 64-bit Autodesk SketchBook Designer 2013 Autodesk SketchBook Designer for AutoCAD 2013 Autodesk Sync Battle.net Battlefield 3T Battlelog Web Plugins Belgium e-ID middleware 4.0.7 (build 7438) BitTorrent Bonjour Broadcom Bluetooth Software Brother MFL-Pro Suite MFC-J5910DW BS.Player FREE Catalyst Control Center - Branding Catalyst Control Center Graphics Previews Common Catalyst Control Center InstallProxy Catalyst Control Center Localization All Catalyst Control Center Profiles Mobile ccc-utility64 CCC Help Chinese Standard CCC Help Chinese Traditional CCC Help Czech CCC Help Danish CCC Help Dutch CCC Help English CCC Help Finnish CCC Help French CCC Help German CCC Help Greek CCC Help Hungarian CCC Help Italian CCC Help Japanese CCC Help Korean CCC Help Norwegian CCC Help Polish CCC Help Portuguese CCC Help Russian CCC Help Spanish CCC Help Swedish CCC Help Thai CCC Help Turkish CCleaner CodeMeter Runtime Kit v4.50c Composite 2013 64-bit Curse Client D3DX10 Definition Update for Microsoft Office 2010 (KB2899521) 32-Bit Edition Device Access Manager for HP ProtectTools DirectX 9 Runtime Drive Encryption For HP ProtectTools Embedded Security for HP ProtectTools Energy Star Digital Logo Face Recognition for HP ProtectTools Facebook Video Calling 3.1.0.521 Free YouTube to MP3 Converter version 3.12.0.128 Google Earth Plug-in Google Update Helper Hearthstone Hewlett-Packard ACLM.NET v1.2.2.3 HP 3D DriveGuard HP Auto 
HP Connection Manager HP Customer Experience Enhancements HP Documentation HP ESU for Microsoft Windows 7 HP File Sanitizer HP GPS and Location HP HD Webcam Driver HP Hotkey Support HP Mobile Broadband Drivers HP Postscript Converter HP Power Assistant HP ProtectTools Security Manager HP Setup HP SoftPaq Download Manager HP Software Framework HP Software Setup HP Support Assistant HP System Default Settings HP Wallpaper HP Web Camera HP Webcam IDT Audio Intel(R) Management Engine Components Intel(R) Network Connections Drivers Intel(R) PRO/Wireless Driver Intel(R) PROSet/Wireless for Bluetooth(R) + High Speed Intel(R) Rapid Storage Technology Intel(R) USB 3.0 eXtensible Host Controller Driver Intel© PROSet/Wireless Software Intel© PROSet/Wireless WiFi Software Intel© Trusted Connect Service Client iTunes Java 7 Update 11 (64-bit) Java 7 Update 71 Java Auto Updater JMicron 1394 Filter Driver JMicron Flash Media Controller Driver Junk Mail filter update KeyShot4 4.0 64 bit League of Legends LEGO Digital Designer McAfee Security Scan Plus Microsoft .NET Framework 4.5.1 Microsoft .NET Framework 4.5.1 (Nederlands) Microsoft .NET Framework 4.5.1 (NLD) Microsoft Application Error Reporting Microsoft Office 2003 Web Components Microsoft Office 2010 Microsoft Office Access MUI (Dutch) 2010 Microsoft Office Excel MUI (Dutch) 2010 Microsoft Office Groove MUI (Dutch) 2010 Microsoft Office InfoPath MUI (Dutch) 2010 Microsoft Office Klik-en-Klaar 2010 Microsoft Office Office 64-bit Components 2010 Microsoft Office OneNote MUI (Dutch) 2010 Microsoft Office Outlook Connector Microsoft Office Outlook MUI (Dutch) 2010 Microsoft Office PowerPoint MUI (Dutch) 2010 Microsoft Office Professional Plus 2010 Microsoft Office Proof (Dutch) 2010 Microsoft Office Proof (English) 2010 Microsoft Office Proof (French) 2010 Microsoft Office Proof (German) 2010 Microsoft Office Proofing (Dutch) 2010 Microsoft Office Publisher MUI (Dutch) 2010 Microsoft Office Shared 64-bit MUI (Dutch) 2010 
Microsoft Office Shared MUI (Dutch) 2010 Microsoft Office Starter 2010 - Nederlands Microsoft Office Word MUI (Dutch) 2010 Microsoft Outlook Social Connector Provider for Windows Live Messenger 32-bit Microsoft PowerPoint Viewer Microsoft Security Client Microsoft Security Essentials Microsoft Silverlight Microsoft SkyDrive Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Visual Basic for Applications 7.1 (x64) Microsoft Visual Basic for Applications 7.1 (x64) English Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2005 Redistributable (x64) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610 Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610 Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 Microsoft Visual Studio 2005 Remote Debugger Light (x64) - ENU Microsoft Visual Studio 2005 Tools for Applications - ENU Microsoft_VC80_CRT_x86 Microsoft_VC90_CRT_x86 Movie Maker Mozilla Firefox 33.1 (x86 en-US) Mozilla Maintenance Service MSVCRT MSVCRT_amd64 MSVCRT110 MSVCRT110_amd64 MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) opensource Origin Pando Media Booster Path of Exile PDF Settings CC PDF Settings CS6 Photo Common 
Photo Gallery Pristontale 3169 Privacy Manager for HP ProtectTools PVZ Garden Warfare RBVirtualFolder64Inst Roxio Activation Module Roxio CinePlayer Decoder Pack Roxio Express Labeler 3 Roxio MyDVD Business 2010 Roxio Secure Burn SDK Security Update for Microsoft .NET Framework 4.5.1 (KB2894854v2) Security Update for Microsoft .NET Framework 4.5.1 (KB2898869) Security Update for Microsoft .NET Framework 4.5.1 (KB2901126) Security Update for Microsoft .NET Framework 4.5.1 (KB2931368) Security Update for Microsoft .NET Framework 4.5.1 (KB2972107) Security Update for Microsoft .NET Framework 4.5.1 (KB2972216) Security Update for Microsoft .NET Framework 4.5.1 (KB2978128) Security Update for Microsoft .NET Framework 4.5.1 (KB2979578v2) Security Update for Microsoft Office 2010 (KB2553284) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2687423) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2760781) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2810073) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2850016) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2880971) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2881071) 32-Bit Edition Security Update for Microsoft Word 2010 (KB2883013) 32-Bit Edition Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition Siemens NX 8.0 SimCityT SkypeT 6.16 Stuurprogrammapakket voor Windows - Fedict SmartCard (02/05/2014 4.0.7.3) swMSM Synaptics Pointing Device Driver Theft Recovery for HP ProtectTools Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition Update for Microsoft Excel 2010 (KB2889935) 32-Bit Edition Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition Update for Microsoft InfoPath 2010 (KB2817396) 32-Bit Edition Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition Update for Microsoft Office 
2010 (KB2589375) 32-Bit Edition Update for Microsoft Office 2010 (KB2589386) 32-Bit Edition Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition Update for Microsoft Office 2010 (KB2687275) 32-Bit Edition Update for Microsoft Office 2010 (KB2687502) 32-Bit Edition Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition Update for Microsoft Office 2010 (KB2825635) 32-Bit Edition Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition Update for Microsoft Office 2010 (KB2837581) 32-Bit Edition Update for Microsoft Office 2010 (KB2837602) 32-Bit Edition Update for Microsoft Office 2010 (KB2837606) 32-Bit Edition Update for Microsoft Office 2010 (KB2878252) 32-Bit Edition Update for Microsoft Office 2010 (KB2889828) 32-Bit Edition Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition Update for Microsoft PowerPoint 2010 (KB2878251) 32-Bit Edition Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition Update for Microsoft Visio 2010 (KB2880526) 32-Bit Edition Update for Microsoft Visio Viewer 2010 (KB2837587) 32-Bit Edition Validity Fingerprint Sensor Driver VIP Access SDK (1.1.0.7) WildStar Windows Live Communications Platform Windows Live Essentials Windows Live Family Safety Windows Live ID Sign-in Assistant Windows Live Installer Windows Live Mail Windows Live Messenger Windows Live MIME IFilter Windows Live Photo Common Windows Live PIMT Platform Windows Live SOXE Windows Live SOXE Definitions Windows Live UX Platform Windows Live UX Platform Language Pack Windows Live Writer Windows Live Writer Resources WinRAR 4.20 (32-bit) ==== Running Processes ====================== C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe C:\ProgramData\IePluginServices\PluginService.exe C:\Program Files 
(x86)\SupTab\HpUI.exe C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe C:\Program Files (x86)\SupTab\Loader32.exe c:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\ifxspmgt.exe c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\ifxtcs.exe C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe C:\Program Files\Autodesk\3ds Max Design 2013\NVIDIA\raysat_3dsmax2013_64server.exe c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\IfxPsdSv.exe C:\windows\SysWOW64\PnkBstrA.exe C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe C:\windows\SysWow64\ArcVCapRender\uArcCapture.exe C:\Program Files (x86)\Ericsson\Mobile Broadband Drivers\WMCore\mini_WMCore.exe C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe C:\Program Files (x86)\Origin\Origin.exe C:\Program Files (x86)\Common Files\Autodesk Shared\Autodesk Download Manager\DLMSession.exe C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeterCC.exe C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe C:\Program Files (x86)\Browny02\BrYNSvc.exe C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\coreshredder.exe C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe C:\Program Files 
(x86)\iTunes\iTunesHelper.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\windows\SysWOW64\cmd.exe C:\Users\Steven\AppData\Local\Akamai\netsession_win.exe C:\Users\Steven\AppData\Local\Akamai\netsession_win.exe C:\Users\Steven\Desktop\zoek.exe C:\windows\SysWOW64\cmd.exe C:\WINDOWS\SysWOW64\cmd.exe C:\windows\SysWOW64\cmd.exe ==== Deleting Services ====================== HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Application\IePluginServices deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\IePluginServices deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Eventlog\Application\IePluginServices deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\IePluginServices deleted successfully ==== FireFox Fix ====================== ProfilePath: C:\Users\Steven\AppData\Roaming\Mozilla\Firefox\Profiles\0zvl38dm.default user.js not found ---- Lines quick_start removed from prefs.js ---- user_pref("browser.newtab.url", "chrome://quick_start/content/index.html"); user_pref("extensions.quick_start.enable_search1", 
false); user_pref("extensions.quick_start.sd.closeWindowWithLastTab_prev_state", false); ---- Lines helperbar removed from prefs.js ---- user_pref("extensions.helperbar.Country", "Belgium"); user_pref("extensions.helperbar.DockingPositionDown", false); user_pref("extensions.helperbar.SmartbarDisabled", false); user_pref("extensions.helperbar.SmartbarStateMinimaized", false); user_pref("extensions.helperbar.UserID", "4e3bab5a-d9ae-4441-bf4d-ce306f91f65f"); user_pref("extensions.helperbar.Visibility", true); ---- Lines smartbar removed from prefs.js ---- user_pref("browser.uiCustomization.state", "{\"placements\":{\"PanelUI-contents\":[\"edit-controls\",\"zoom-controls\",\"new-window-button\",\"private ---- Lines browser.startup.page removed from prefs.js ---- user_pref("browser.startup.page", 0); ---- FireFox user.js and prefs.js backups ---- prefs_20142111_1629_.backup ==== Registry Fix Code ====================== Windows Registry Editor Version 5.00 [HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command] @="C:\\Program Files\\Internet Explorer\\iexplore.exe" ==== Deleting Files \ Folders ====================== C:\Users\Steven\.android deleted C:\PROGRA~2\COMMON~1\Config\uninstinethnfd.exe deleted C:\PROGRA~2\COMMON~1\DVDVideoSoft\bin deleted C:\PROGRA~2\COMMON~1\Config deleted C:\awhA42E.tmp deleted C:\Users\Steven\AppData\Roaming\DVDVideoSoftIEHelpers deleted C:\Users\Steven\AppData\Roaming\OpenCandy deleted C:\PROGRA~3\IePluginServices deleted C:\PROGRA~3\WindowsMangerProtect deleted C:\PROGRA~3\Package Cache deleted C:\Users\Steven\AppData\Local\Genesis_09091803 deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk deleted C:\windows\SysNative\roboot64.exe deleted C:\Users\Steven\Downloads\bsplayer266.1075.exe deleted C:\Users\Steven\Downloads\bsplayer_installer.exe deleted C:\Users\Steven\Downloads\FreeYouTubeToMP3Converter.exe deleted 
C:\Users\Steven\Downloads\SoftonicDownloader_for_vlc-media-player.exe deleted C:\windows\SysNative\drivers\Msft_Kernel_webinstr_01009.Wdf deleted C:\windows\SysNative\config\systemprofile\Searches deleted C:\windows\Syswow64\sho170C.tmp deleted C:\windows\Syswow64\sho2DD4.tmp deleted C:\windows\Syswow64\sho2DFC.tmp deleted C:\windows\Syswow64\sho334F.tmp deleted C:\windows\Syswow64\sho3D60.tmp deleted C:\windows\Syswow64\sho425B.tmp deleted C:\windows\Syswow64\sho44A.tmp deleted C:\windows\Syswow64\sho45A.tmp deleted C:\windows\Syswow64\sho4723.tmp deleted C:\windows\Syswow64\sho4A65.tmp deleted C:\windows\Syswow64\sho55EB.tmp deleted C:\windows\Syswow64\sho5D18.tmp deleted C:\windows\Syswow64\sho6448.tmp deleted C:\windows\Syswow64\sho6744.tmp deleted C:\windows\Syswow64\sho728F.tmp deleted C:\windows\Syswow64\sho72F4.tmp deleted C:\windows\Syswow64\sho7919.tmp deleted C:\windows\Syswow64\sho821E.tmp deleted C:\windows\Syswow64\sho8433.tmp deleted C:\windows\Syswow64\sho8865.tmp deleted C:\windows\Syswow64\sho8A25.tmp deleted C:\windows\Syswow64\sho8A76.tmp deleted C:\windows\Syswow64\sho8E2C.tmp deleted C:\windows\Syswow64\sho9D89.tmp deleted C:\windows\Syswow64\shoA31A.tmp deleted C:\windows\Syswow64\shoA9C8.tmp deleted C:\windows\Syswow64\shoBF4B.tmp deleted C:\windows\Syswow64\shoC443.tmp deleted C:\windows\Syswow64\shoC871.tmp deleted C:\windows\Syswow64\shoC905.tmp deleted C:\windows\Syswow64\shoCBAE.tmp deleted C:\windows\Syswow64\shoCC3C.tmp deleted C:\windows\Syswow64\shoCF13.tmp deleted C:\windows\Syswow64\shoDC5A.tmp deleted C:\windows\Syswow64\shoDC99.tmp deleted C:\windows\Syswow64\shoDD95.tmp deleted C:\windows\Syswow64\shoE332.tmp deleted C:\windows\Syswow64\shoE46E.tmp deleted C:\windows\Syswow64\shoE586.tmp deleted C:\windows\Syswow64\shoFE91.tmp deleted C:\windows\Syswow64\shoFF5F.tmp deleted C:\windows\SysWOW64\installd.exe deleted C:\windows\Syswow64\InstallUtil.InstallLog deleted 
C:\Users\Steven\Autodesk_Product_Design_Suite_Ultimate_2013_English_Win_64bit.part01.exe deleted "C:\ProgramData\cm-lock" not deleted "C:\PROGRA~2\SupTab\Loader32.exe" deleted "C:\PROGRA~2\SupTab\Loader64.exe" deleted "C:\PROGRA~2\SupTab\msvcp110.dll" deleted "C:\PROGRA~2\SupTab\msvcr110.dll" not deleted "C:\PROGRA~2\SupTab\WindowsSupportDll32.dll" deleted "C:\PROGRA~2\SupTab\WindowsSupportDll64.dll" not deleted "C:\PROGRA~2\SupTab" not deleted ==== System Specs ====================== Windows: Windows 7 Professional Edition (64-bit) Service Pack 1 (Build 7601) Memory (RAM): 4028 MB CPU Info: Intel(R) Core(TM) i7-3520M CPU @ 2.90GHz CPU Speed: 2891,1 MHz Sound Card: Luidsprekers / HP (IDT High Def | Display Adapters: AMD Radeon HD 7570M | AMD Radeon HD 7570M | AMD Radeon HD 7570M | AMD Radeon HD 7570M | AMD Radeon HD 7570M | AMD Radeon HD 7570M | RDPDD Chained DD | RDP Encoder Mirror Driver | RDP Reflector Display Driver Monitors: 1x; Generic PnP Monitor | Screen Resolution: 1600 X 900 - 32 bit Network: Network Present Network Adapters: HP hs2350 HSPA+ Mobile Broadband Module Network Adapter | Microsoft Virtual WiFi Miniport Adapter #2 | Microsoft Virtual WiFi Miniport Adapter | Intel(R) Centrino(R) Advanced-N 6205 | Intel(R) 82579LM Gigabit Network Connection CD / DVD Drives: 1x (F: | ) F: hp DVD-RAM UJ8D1 Ports: COM3 | COM1 | COM6 | COM5 | COM4 | COM7 LPT1 Mouse: 5 Button Wheel Mouse Present Hard Disks: C: 442,3GB | E: 2,0GB | G: 21,1GB | Q: 0,0MB Hard Disks - Free: C: 99,3GB | E: 221,4MB | G: 3,2GB | Q: 0,0MB Manufacturer *: Hewlett-Packard BIOS Info: AT/AT COMPATIBLE | 10/31/11 | HPQOEM - f Time Zone: West-Europa (standaardtijd) Motherboard *: Hewlett-Packard 17A7 Country: België Language: NLB ==== System Specs (Software) ====================== Anti-Virus: Microsoft Security Essentials On-access scanning disabled (Outdated) Anti-Spyware: Microsoft Security Essentials disabled (Outdated) Anti-Spyware: Windows Defender disabled (Outdated) Default Browser: Firefox 
33.1 Internet Explorer Version: 11.0.9600.17420 Mozilla Firefox version: 33.1 (x86 en-US) Adobe Reader version: 11.0.9.29 Sun Java version: 1.7.0_71 (32-bit) Sun Java version: 1.7.0_11 (64-bit) Flash Player version: 15.0.0.223 Shockwave Player version: 11.6.8r638 ==== Files Recently Created / Modified ====================== ====== Java Cache ===== ====== C:\windows\SysWOW64\drivers ===== ====== C:\windows\Tasks ====== ====== C:\windows\Temp ====== ======= 
C:\Program Files ===== 2014-11-20 22:43:06 -------- d-----w- C:\Program Files\trend micro ======= C:\PROGRA~2 ===== 2014-11-05 15:40:21 -------- d-----w- C:\PROGRA~2\COMMON~1\Java ======= C: ===== ====== C:\Users\Steven\AppData\Roaming ====== 2014-11-20 14:11:54 0C4B1ACB72943D8D024DABD9CDC37F85 7605 ----a-w- C:\Users\Steven\AppData\Local\Resmon.ResmonCfg 2014-10-25 01:43:43 DF09FAEBBF599D98A1442B4610BA5BE4 709632 ----a-w- C:\windows\serviceprofiles\Localservice\AppData\Local\FontCache3.0.0.0.dat ====== C:\Users\Steven ====== 2014-11-21 10:03:51 !HASH: COULD NOT OPEN FILE !!!!! 0 ----a-w- C:\ProgramData\cm-lock 2014-11-20 22:41:28 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\Steven\Desktop\RSITx64.exe 2014-11-20 22:39:34 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\Steven\Downloads\RSITx64.exe ====== C: exe-files == === C: other files == ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-21-3828895511-1117663807-856057220-1002\Software\Microsoft\Windows\CurrentVersion\Run] "Akamai NetSession Interface"="C:\Users\Steven\AppData\Local\Akamai\netsession_win.exe" "Pando Media Booster"="C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe" "Facebook Update"="C:\Users\Steven\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver" "EADM"="C:\Program Files (x86)\Origin\Origin.exe -AutoStart" "AccelerometerSysTrayApplet"="C:\Program Files\Hewlett-Packard\HP 3D DriveGuard\AccelerometerSt.Exe" [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"IAStorIcon"="C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe 60"
"ADSK DLMSession"="C:\Program Files (x86)\Common Files\Autodesk Shared\Autodesk Download Manager\DLMSession.exe"
"USB3MON"="C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
"BCSSync"="C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe /DelayServices"
"APSDaemon"="C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
"IMSS"="C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe"
"ControlCenter4"="C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe /autorun"
"BrStsMon00"="C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe /AUTORUN"
"File Sanitizer"="c:\Program Files (x86)\Hewlett-Packard\File Sanitizer\CoreShredder.exe"
"StartCCC"="C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe MSRun"
"SwitchBoard"="C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe"
"AdobeCS6ServiceManager"="C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe -launchedbylogin"
"QLBController"="C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe /start"
"beid"="C:\Program Files (x86)\Belgium Identity Card\beid35gui.exe /startup"
"Adobe Creative Cloud"="C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe --showwindow=false --onOSstartup=true"
"HPConnectionManager"="C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe"
"iTunesHelper"="C:\Program Files (x86)\iTunes\iTunesHelper.exe"
"SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Akamai NetSession Interface"="C:\Users\Steven\AppData\Local\Akamai\netsession_win.exe"
"Pando Media Booster"="C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe"
"Facebook Update"="C:\Users\Steven\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver"
"EADM"="C:\Program Files (x86)\Origin\Origin.exe -AutoStart"
"AccelerometerSysTrayApplet"="C:\Program Files\Hewlett-Packard\HP 3D DriveGuard\AccelerometerSt.Exe"

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Autodesk Sync"="C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe"
"AdobeAAMUpdater-1.0"="C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
"MfeEpePcMonitor"="C:\Program Files\Hewlett-Packard\Drive Encryption\EpePcMonitor.exe"
"MSC"="c:\Program Files\Microsoft Security Client\msseces.exe -hide -runkey"
"SysTrayApp"="C:\Program Files\IDT\WDM\sttray64.exe"
"SynTPEnh"="%ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe "

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"NCPluginUpdater"="c:\program files (x86)\hewlett-packard\hp health check\activecheck\product_line\NCPluginUpdater.exe Update"

==== Startup Folders ======================

2014-08-20 13:44:03 0 ----a-w- C:\Users\Steven\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip
2012-12-25 09:33:48 836 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
2013-04-30 16:08:50 2199 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\CodeMeter Control Center.lnk

==== Task Scheduler Jobs ======================

C:\windows\tasks\Adobe Flash Player Updater.job --a------ [Undetermined Task]
C:\windows\tasks\FacebookUpdateTaskUserS-1-5-21-3828895511-1117663807-856057220-1002Core.job --a------ C:\Users\Steven\AppData\Local\Facebook\Update\FacebookUpdate.exe [31/01/2014 11:04]
C:\windows\tasks\FacebookUpdateTaskUserS-1-5-21-3828895511-1117663807-856057220-1002UA.job --a------ C:\Users\Steven\AppData\Local\Facebook\Update\FacebookUpdate.exe [31/01/2014 11:04]
C:\windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [19/08/2013 17:21]
C:\windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [19/08/2013 17:21]
C:\windows\tasks\HPCeeScheduleForSteven.job --a------ C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [15/07/2011 12:43]

==== Other Scheduled Tasks ======================

"C:\windows\SysNative\tasks\Adobe Flash Player Updater" [C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe]
"C:\windows\SysNative\tasks\AdobeAAMUpdater-1.0-Gebruiker-HP-Steven" [C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe]
"C:\windows\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"]
"C:\windows\SysNative\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe]
"C:\windows\SysNative\tasks\FacebookUpdateTaskUserS-1-5-21-3828895511-1117663807-856057220-1002Core" [C:\Users\Steven\AppData\Local\Facebook\Update\FacebookUpdate.exe]
"C:\windows\SysNative\tasks\FacebookUpdateTaskUserS-1-5-21-3828895511-1117663807-856057220-1002UA" [C:\Users\Steven\AppData\Local\Facebook\Update\FacebookUpdate.exe]
"C:\windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\windows\SysNative\tasks\HPCeeScheduleForSteven" [C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe]
"C:\windows\SysNative\tasks\Registration" ["C:\Program Files (x86)\Hewlett-Packard\HP Setup\Dependencies\RemEngine.exe"]
"C:\windows\SysNative\tasks\SidebarExecute" [C:\Program Files\Windows Sidebar\sidebar.exe]
"C:\windows\SysNative\tasks\User_Feed_Synchronization-{5C437FF4-7CD2-40E9-B59A-A1BEC03454BE}" [C:\windows\system32\msfeedssync.exe]
"C:\windows\SysNative\tasks\User_Feed_Synchronization-{9D082B1E-3BD8-4D16-8E45-C49CB4365AC5}" [C:\windows\system32\msfeedssync.exe]
"C:\windows\SysNative\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe]
"C:\windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe]
"C:\windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe]
"C:\windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis Install" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe]
"C:\windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\Update Check" [C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe]
"C:\windows\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc]

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"faststartff@gmail.com"="C:\Users\Steven\AppData\Roaming\Mozilla\Firefox\Profiles\0zvl38dm.default\extensions\faststartff@gmail.com" []

[HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions]
"{e4f94d1e-2f53-401e-8885-681602c0ddd8}"="C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi" [04/04/2014 11:36]

==== Firefox Extensions ======================

ProfilePath: C:\Users\Steven\AppData\Roaming\Mozilla\Firefox\Profiles\0zvl38dm.default
- Undetermined - belgiumeid@eid.belgium.be
- Belgium eID - %ProfilePath%\extensions\belgiumeid@eid.belgium.be.xpi
- Adblock Plus - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi

AppDir: C:\Program Files (x86)\Mozilla Firefox
- Belgium eID - %AppDir%\extensions\belgiumeid@eid.belgium.be
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Users\Steven\AppData\Roaming\Mozilla\Firefox\Profiles\0zvl38dm.default
67D325B5AEB28E381B84E8DE1A90C7A8 - C:\windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_223.dll - Shockwave Flash
3CD19649B2C3023D65E67C056457A2BC - C:\Users\Steven\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll - Facebook Video Calling Plugin
6846D2CA7E1D5937AEE3F99BB7F5464B - C:\windows\SysWOW64\Adobe\Director\np32dsw_1168638.dll - Shockwave for Director / Shockwave for Director

==== Chromium Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
bopakagnckmlgajfccecajhnimjiiedh - No path found[]
ncffjdbbodifgldkcbhmiiljfcnbgjab - C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\ChromeExt\dpchrome.crx[20/07/2012 17:00]

==== Set IE to Default ======================

Old Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.istartsurf.com/?type=hp&ts=1410285768&from=amt&uid=TOSHIBAXMK5061GSYN_Y2TQC452TXXY2TQC452T"
"Default_Page_URL"="http://www.istartsurf.com/?type=hp&ts=1410285768&from=amt&uid=TOSHIBAXMK5061GSYN_Y2TQC452TXXY2TQC452T"
"Search Page"="http://www.bing.com/search?q={searchTerms}"
"Search Bar"="http://www.bing.com/search?q={searchTerms}"
"Use Search Asst"="yes"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://www.istartsurf.com/web/?type=ds&ts=1410285768&from=amt&uid=TOSHIBAXMK5061GSYN_Y2TQC452TXXY2TQC452T&q={searchTerms}"
"Default_Page_URL"="http://www.istartsurf.com/?type=hp&ts=1410285768&from=amt&uid=TOSHIBAXMK5061GSYN_Y2TQC452TXXY2TQC452T"
"Start Page"="http://www.istartsurf.com/?type=hp&ts=1410285768&from=amt&uid=TOSHIBAXMK5061GSYN_Y2TQC452TXXY2TQC452T"
"Search Page"="http://www.istartsurf.com/web/?type=ds&ts=1410285768&from=amt&uid=TOSHIBAXMK5061GSYN_Y2TQC452TXXY2TQC452T&q={searchTerms}"

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://www.istartsurf.com/web/?type=ds&ts=1410285768&from=amt&uid=TOSHIBAXMK5061GSYN_Y2TQC452TXXY2TQC452T&q={searchTerms}"
"Default_Page_URL"="http://www.istartsurf.com/?type=hp&ts=1410285768&from=amt&uid=TOSHIBAXMK5061GSYN_Y2TQC452TXXY2TQC452T"
"Start Page"="http://www.istartsurf.com/?type=hp&ts=1410285768&from=amt&uid=TOSHIBAXMK5061GSYN_Y2TQC452TXXY2TQC452T"
"Search Page"="http://www.istartsurf.com/web/?type=ds&ts=1410285768&from=amt&uid=TOSHIBAXMK5061GSYN_Y2TQC452TXXY2TQC452T&q={searchTerms}"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchUrl]
"Default"="http://feed.snap.do/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=NL&userid=45c2e940-4962-41f3-b8e8-6a8014372024&searchtype=ds&q={searchTerms}"

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\SearchUrl]
"Default"="http://feed.snap.do/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=NL&userid=45c2e940-4962-41f3-b8e8-6a8014372024&searchtype=ds&q={searchTerms}"

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
"Default"="http://www.bing.com/search?q={searchTerms}"

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]
"Default_Search_URL"="http://www.bing.com/search?q={searchTerms}"
"SearchAssistant"="http://www.bing.com/search?q={searchTerms}"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{33BB0A4E-99AF-4226-BDF6-49120163DE86}"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}] not found

New Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://www.google.com"
"Use Search Asst"="no"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="http://search.msn.com/results.asp?q=%s"

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="http://search.msn.com/results.asp?q=%s"

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="http://search.msn.com/results.asp?q=%s"

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"SearchAssistant"="http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{006ee092-9658-4fd6-bd8e-a21a348e59f5} Bing Url="http://www.bing.com/search?q={searchTerms}"
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&form=CMNTDF&pc=CMNTDF&src=IE-SearchBox"

==== Deleting CLSID Registry Keys ======================
HKEY_USERS\S-1-5-21-3828895511-1117663807-856057220-1002\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} deleted successfully
HKEY_USERS\S-1-5-21-3828895511-1117663807-856057220-1002\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} deleted successfully
HKEY_USERS\S-1-5-21-3828895511-1117663807-856057220-1002\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} deleted successfully
HKEY_USERS\S-1-5-21-3828895511-1117663807-856057220-1002\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Extensions\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_LOCAL_MACHINE\software\Wow6432Node\mozilla\Firefox\extensions\faststartff@gmail.com deleted successfully

==== Deleting Registry Keys ======================
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\bopakagnckmlgajfccecajhnimjiiedh deleted successfully

==== HijackThis Entries ======================

F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll
O2 - BHO: BHO_Startup - {3134413B-49B4-425C-98A5-893C1F195601} - c:\Program Files (x86)\Hewlett-Packard\File Sanitizer\IEBHO.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: ArcPluginIEBHO - {84BFE29A-8139-402a-B2A4-C23AE9E1A75F} - C:\Program Files (x86)\Perfect World Entertainment\Arc\Plugins\ArcPluginIE.dll
O2 - BHO: Aanmeldhulp voor Microsoft-account - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe "C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60
O4 - HKLM\..\Run: [ADSK DLMSession] C:\Program Files (x86)\Common Files\Autodesk Shared\Autodesk Download Manager\DLMSession.exe
O4 - HKLM\..\Run: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [IMSS] "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe"
O4 - HKLM\..\Run: [ControlCenter4] C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe /autorun
O4 - HKLM\..\Run: [BrStsMon00] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe /AUTORUN
O4 - HKLM\..\Run: [File Sanitizer] c:\Program Files (x86)\Hewlett-Packard\File Sanitizer\CoreShredder.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [QLBController] C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe /start
O4 - HKLM\..\Run: [beid] "C:\Program Files (x86)\Belgium Identity Card\beid35gui.exe" /startup
O4 - HKLM\..\Run: [Adobe Creative Cloud] "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true
O4 - HKLM\..\Run: [HPConnectionManager] C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [Akamai NetSession Interface] "C:\Users\Steven\AppData\Local\Akamai\netsession_win.exe"
O4 - HKCU\..\Run: [Pando Media Booster] C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
O4 - HKCU\..\Run: [Facebook Update] "C:\Users\Steven\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
O4 - HKCU\..\Run: [EADM] C:\Program Files (x86)\Origin\Origin.exe -AutoStart
O4 - HKCU\..\Run: [AccelerometerSysTrayApplet] "C:\Program Files\Hewlett-Packard\HP 3D DriveGuard\AccelerometerSt.Exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: CurseClientStartup.ccip
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: CodeMeter Control Center.lnk = C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeterCC.exe
O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Free YouTube Download - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\freeytvdownloader.htm
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\freeytmp3downloader.htm
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - Winlogon Notify: DeviceNP - DeviceNP.dll (file missing)
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\windows\system32\atiesrxx.exe (file missing)
O23 - Service: Intel® Centrino® Wireless Bluetooth® + High Speed Service (AMPPALR3) - Intel Corporation - C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Arc Service (ArcService) - Perfect World Entertainment Inc - C:\Program Files (x86)\Perfect World Entertainment\Arc\ArcService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: BrYNSvc - Brother Industries, Ltd. - C:\Program Files (x86)\Browny02\BrYNSvc.exe
O23 - Service: Intel(R) Centrino(R) Wireless Bluetooth(R) + High Speed Security Service (BTHSSecurityMgr) - Intel(R) Corporation - C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: CodeMeter Runtime Server (CodeMeter.exe) - WIBU-SYSTEMS AG - C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe
O23 - Service: @C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe,-128 (DpHost) - DigitalPersona, Inc. - C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: HP ProtectTools Device Locking / Auditing (FLCDLOCK) - Hewlett-Packard Company - c:\windows\SysWOW64\flcdlock.exe
O23 - Service: FLEXnet Licensing Service - Flexera Software, Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: FLEXnet Licensing Service 64 - Flexera Software, Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HP Power Assistant Service - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe
O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
O23 - Service: HP Auto (HPAuto) - Hewlett-Packard - C:\Program Files\Hewlett-Packard\HP Auto\HPAuto.exe
O23 - Service: HP Connection Manager 4 Service (hpCMSrv) - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe
O23 - Service: File Sanitizer for HP ProtectTools (HPFSService) - Hewlett-Packard - c:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe
O23 - Service: hpHotkeyMonitor - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
O23 - Service: HP Service (hpsrv) - Unknown owner - C:\windows\system32\Hpservice.exe (file missing)
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Security Platform Management Service (IFXSpMgtSrv) - Infineon Technologies AG - c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\ifxspmgt.exe
O23 - Service: Trusted Platform Core Service (IFXTCS) - Infineon Technologies AG - c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\ifxtcs.exe
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) ME Service - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: McAfee Endpoint Encryption Agent - Unknown owner - C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe
O23 - Service: mental ray 3.10 Satellite for Autodesk 3ds Max 2013 64-bit (mi-raysat_3dsmax2013_64) - Unknown owner - C:\Program Files\Autodesk\3ds Max Design 2013\NVIDIA\raysat_3dsmax2013_64server.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Origin Client Service - Electronic Arts - C:\Program Files (x86)\Origin\OriginClientService.exe
O23 - Service: Personal Secure Drive Service (PersonalSecureDriveService) - Infineon Technologies AG - c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\IfxPsdSv.exe
O23 - Service: PnkBstrA - Unknown owner - C:\windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: Roxio Burn Launcher (RoxioBurnLauncher) - Unknown owner - C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe
O23 - Service: RoxMediaDB12OEM - Sonic Solutions - C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10101 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: ArcCapture (uArcCapture) - ArcSoft, Inc. - C:\windows\SysWow64\ArcVCapRender\uArcCapture.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Validity VCS Fingerprint Service (vcsFPService) - Validity Sensors, Inc. - C:\windows\system32\vcsFPService.exe
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: Mobile Broadband Service (WMCoreService) - Ericsson AB - C:\Program Files (x86)\Ericsson\Mobile Broadband Drivers\WMCore\mini_WMCore.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Zero Configuration Service (ZeroConfigService) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe

==== Empty IE Cache ======================

C:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Steven\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Steven\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully ==== Empty FireFox Cache ====================== C:\Users\Steven\AppData\Local\Mozilla\Firefox\Profiles\0zvl38dm.default\cache2 emptied successfully ==== Empty Chrome Cache ====================== No Chrome User Data found ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== C:\zoek_backup content ====================== C:\zoek_backup (files=259 folders=78 4511727724 bytes) ==== Empty Temp Folders ====================== C:\Users\Default\AppData\Local\Temp emptied successfully C:\Users\Default User\AppData\Local\Temp emptied successfully C:\Users\hedev\AppData\Local\Temp emptied successfully C:\Users\Steven\AppData\Local\Temp will be emptied at reboot C:\windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully C:\windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\windows\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\windows\Temp successfully emptied C:\Users\Steven\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== Deleting Files / Folders 
====================== "C:\ProgramData\cm-lock" not deleted "C:\PROGRA~2\SupTab\msvcr110.dll" not found "C:\PROGRA~2\SupTab\WindowsSupportDll64.dll" not found "C:\PROGRA~2\SupTab" not found ==== EOF on vr 21/11/2014 at 16:43:24,99 ======================